ModSecurity is a highly effective firewall for Apache web servers that's used to stop attacks toward web applications. It monitors the HTTP traffic to a given Internet site in real time and prevents any intrusion attempts the moment it identifies them. The firewall uses a set of rules to do that - for example, attempting to log in to a script administration area unsuccessfully many times triggers one rule, sending a request to execute a particular file which may result in accessing the site triggers a different rule, etcetera. ModSecurity is amongst the best firewalls on the market and it will secure even scripts which are not updated on a regular basis because it can prevent attackers from employing known exploits and security holes. Incredibly comprehensive data about every single intrusion attempt is recorded and the logs the firewall maintains are much more specific than the standard logs created by the Apache server, so you may later take a look at them and decide whether you need to take more measures in order to improve the safety of your script-driven Internet sites.

ModSecurity in Shared Hosting

ModSecurity is provided with all shared hosting machines, so if you choose to host your Internet sites with our business, they'll be resistant to a wide array of attacks. The firewall is turned on by default for all domains and subdomains, so there will be nothing you will have to do on your end. You will be able to stop ModSecurity for any website if needed, or to enable a detection mode, so that all activity shall be recorded, but the firewall shall not take any real action. You'll be able to view comprehensive logs via your Hepsia CP including the IP where the attack originated from, what the attacker wished to do and how ModSecurity addressed the threat. Since we take the security of our customers' websites very seriously, we employ a selection of commercial rules which we get from one of the top companies that maintain such rules. Our administrators also include custom rules to ensure that your sites will be shielded from as many threats as possible.

ModSecurity in Semi-dedicated Hosting

Any web app you install inside your new semi-dedicated hosting account will be protected by ModSecurity since the firewall is provided with all our hosting packages and is activated by default for any domain and subdomain you add or create through your Hepsia hosting CP. You shall be able to manage ModSecurity via a dedicated section inside Hepsia where not simply can you activate or deactivate it completely, but you could also activate a passive mode, so the firewall shall not block anything, but it shall still keep a record of possible attacks. This normally requires just a click and you'll be able to look at the logs regardless of if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was dealt with, etcetera. The firewall uses 2 sets of rules on our machines - a commercial one that we get from a third-party web security provider and a custom one which our administrators update manually as to respond to newly discovered threats at the earliest opportunity.

ModSecurity in Dedicated Hosting

ModSecurity is available by default with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain that you host or subdomain that you create on the hosting server. In case that a web app doesn't function properly, you may either switch off the firewall or set it to function in passive mode. The second means that ModSecurity shall maintain a log of any possible attack which could take place, but will not take any action to stop it. The logs generated in active or passive mode will present you with additional details about the exact file that was attacked, the type of the attack and the IP it came from, etc. This data will permit you to choose what steps you can take to boost the safety of your Internet sites, for instance blocking IPs or carrying out script and plugin updates. The ModSecurity rules we employ are updated constantly with a commercial package from a third-party security company we work with, but sometimes our administrators include their own rules also when they identify a new potential threat.